Alpine security: Difference between revisions
No edit summary |
(use https where possible) |
||
Line 20: | Line 20: | ||
| bkeymaps | | bkeymaps | ||
| Binary keymaps for busybox | | Binary keymaps for busybox | ||
| | | https://dev.alpinelinux.org/alpine/bkeymaps{{dead link}} | ||
|- | |- | ||
| network-extras | | network-extras | ||
Line 53: | Line 53: | ||
| flawfinder | | flawfinder | ||
| Examines C/C++ source code for security flaws | | Examines C/C++ source code for security flaws | ||
| | | https://www.dwheeler.com/flawfinder/ | ||
|- | |- | ||
| rats | | rats | ||
Line 61: | Line 61: | ||
| pychecker | | pychecker | ||
| A analyser for python source code | | A analyser for python source code | ||
| | | https://pychecker.sourceforge.net/ | ||
|- | |- | ||
| pyflakes | | pyflakes | ||
Line 82: | Line 82: | ||
| splint | | splint | ||
| An implementation of the lint program | | An implementation of the lint program | ||
| | | https://www.splint.org/ | ||
|- | |- | ||
| valgrind | | valgrind | ||
| A tool for finding memory-management problems | | A tool for finding memory-management problems | ||
| | | https://valgrind.org/ | ||
|- | |- | ||
| pscan | | pscan | ||
Line 131: | Line 131: | ||
| wipe | | wipe | ||
| Tool for securely erasing files from magnetic media | | Tool for securely erasing files from magnetic media | ||
| | | https://lambda-diode.com/software/wipe/{{dead link}} | ||
|- | |- | ||
| nwipe | | nwipe | ||
Line 147: | Line 147: | ||
| aimage | | aimage | ||
| Advanced Disk Imager | | Advanced Disk Imager | ||
| | | https://www.afflib.org | ||
|- | |- | ||
| fiwalk | | fiwalk | ||
| Batch analysis of a disk image | | Batch analysis of a disk image | ||
| | | https://www.afflib.org | ||
Line 158: | Line 158: | ||
| ftimes | | ftimes | ||
| A system baselining and evidence collection too | | A system baselining and evidence collection too | ||
| | | https://ftimes.sourceforge.net/FTimes/ | ||
https://sourceforge.net/projects/cdpr/ | |||
| rarcrack | | rarcrack | ||
| | | https://rarcrack.sourceforge.net/ | ||
| extcarve | | extcarve | ||
| safecopy | | safecopy | ||
| A data recovery tool | | A data recovery tool | ||
| | | https://safecopy.sourceforge.net/ | ||
* scalpel Fast file carver working on disk images http://www.digitalforensicssolutions.com/Scalpel/ | * scalpel Fast file carver working on disk images http://www.digitalforensicssolutions.com/Scalpel/ | ||
* afftools - Utilities for afflib | * afftools - Utilities for afflib https://afflib.org/ | ||
* examiner - Utility to disassemble and comment foreign executable binaries | * examiner - Utility to disassemble and comment foreign executable binaries | ||
* firstaidkit - System Rescue Tool | * firstaidkit - System Rescue Tool | ||
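Review bot: the ftimes description in this hunk ends in "evidence collection too" on both sides and should read "tool"; fix it while the URL row beneath it is being touched. The scalpel link at the end of the hunk also keeps its http:// scheme while the afftools entry next to it gains an https link, so note in the edit summary whether that host was checked.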
Line 182: | Line 182: | ||
chntpw | chntpw | ||
samdump2 | samdump2 https://sourceforge.net/projects/ophcrack/files/samdump2/2.0.1/ | ||
creddump | creddump https://code.google.com/p/creddump/ | ||
Hydra | Hydra | ||
Medusa | Medusa | ||
volatility An advanced memory forensics framework | volatility An advanced memory forensics framework https://code.google.com/p/volatility/ | ||
pdfcrack A Password Recovery Tool for PDF files | pdfcrack A Password Recovery Tool for PDF files https://pdfcrack.sourceforge.net/ | ||
https://code.google.com/p/logkeys/ | |||
--> | --> | ||
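Review bot: the creddump, volatility and logkeys links added in this hunk use code.google.com/p/..., while the tables in this revision link Google Code projects through code.google.com/archive/p/ (scrub, flunym0us, passwdgen). Use the archive form here as well so the links are consistent across the page.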
Line 241: | Line 241: | ||
| tcptrack | | tcptrack | ||
| Displays information about tcp connections on a network interface | | Displays information about tcp connections on a network interface | ||
| | | https://www.rhythm.cx/~steve/devel/tcptrack/{{dead link}} | ||
|- | |- | ||
| tcpflow | | tcpflow | ||
Line 249: | Line 249: | ||
| tcpproxy | | tcpproxy | ||
| Transparent TCP Proxy | | Transparent TCP Proxy | ||
| | | https://www.quietsche-entchen.de/cgi-bin/wiki.cgi/proxies/TcpProxy{{dead link}} | ||
|- | |- | ||
| etherdump | | etherdump | ||
| An extremely small packet sniffer | | An extremely small packet sniffer | ||
| | | https://freshmeat.sourceforge.net/projects/etherdump/ | ||
|- | |- | ||
| netdiscover | | netdiscover | ||
Line 269: | Line 269: | ||
| nfswatch | | nfswatch | ||
| An NFS traffic monitoring tool | | An NFS traffic monitoring tool | ||
| | | https://nfswatch.sourceforge.net/ | ||
|- | |- | ||
| p0f | | p0f | ||
Line 281: | Line 281: | ||
| sslscan | | sslscan | ||
| Security assessment tool for SSL | | Security assessment tool for SSL | ||
| | | https://sourceforge.net/projects/sslscan/ | ||
|- | |- | ||
| httpry | | httpry | ||
Line 313: | Line 313: | ||
| hexinject | | hexinject | ||
| A very versatile packet injector and sniffer | | A very versatile packet injector and sniffer | ||
| | | https://hexinject.sourceforge.net/ | ||
|- | |- | ||
| [[Setting up OpenVAS9|openvas]] | | [[Setting up OpenVAS9|openvas]] | ||
Line 324: | Line 324: | ||
whatweb | whatweb | ||
A website fingerprinter | A website fingerprinter | ||
https://www.morningstarsecurity.com/research/whatweb | |||
blindelephant | blindelephant | ||
A web application fingerprinter | A web application fingerprinter | ||
https://blindelephant.sourceforge.net/ | |||
dpkt | dpkt | ||
python packet creation / parsing library | python packet creation / parsing library | ||
https://code.google.com/p/dpkt/ | |||
Wireplay | Wireplay | ||
A minimalist approach to replay pcap dumped TCP sessions with modification as required. | A minimalist approach to replay pcap dumped TCP sessions with modification as required. | ||
https://code.google.com/p/wireplay/ | |||
|- | |- | ||
Line 343: | Line 343: | ||
| http://www.nta-monitor.com/tools/ike-scan/ | | http://www.nta-monitor.com/tools/ike-scan/ | ||
https://inguma.sourceforge.net/ | |||
* nuttcp | * nuttcp https://www.nuttcp.net | ||
* argus | * argus https://qosient.com/argus/ | ||
* tcpick | * tcpick https://tcpick.sourceforge.net/ | ||
* tcpreen -- A TCP/IP re-engineering and monitoring program | * tcpreen -- A TCP/IP re-engineering and monitoring program | ||
* tcpdump -- A network traffic monitoring tool | * tcpdump -- A network traffic monitoring tool | ||
Line 362: | Line 362: | ||
* unicornscan http://www.unicornscan.org/ | * unicornscan http://www.unicornscan.org/ | ||
* dsniff - Tools for network auditing and penetration testing | * dsniff - Tools for network auditing and penetration testing | ||
* httpry | * httpry https://dumpsterventures.com/jason/httpry/ | ||
* justniffer | * justniffer | ||
* dietsniff | * dietsniff | ||
* Nast http://nast.berlios.de/ | * Nast http://nast.berlios.de/ | ||
* brutessh http://www.edge-security.com/brutessh.php | * brutessh http://www.edge-security.com/brutessh.php | ||
* ettercap | * ettercap https://ettercap.sourceforge.net/ A network traffic sniffer/analyser | ||
* icmpshell A tool that only uses ICMP for connections | * icmpshell A tool that only uses ICMP for connections https://icmpshell.sourceforge.net/ | ||
https://code.google.com/p/yapscan/ | |||
egressor http://packetfactory.openwall.net/projects/egressor/ | egressor http://packetfactory.openwall.net/projects/egressor/ | ||
arpoc http://www.phenoelit.org/arpoc/index.html | arpoc http://www.phenoelit.org/arpoc/index.html | ||
loadbalancer-finder | loadbalancer-finder https://code.google.com/p/loadbalancer-finder/ | ||
--> | --> | ||
Line 402: | Line 402: | ||
| arachni | | arachni | ||
| Web application security scanner framework | | Web application security scanner framework | ||
| | | https://arachni-scanner.com/ | ||
| | | | ||
wpscan | wpscan https://wpscan.org/ A vulnerability scanner for WordPress installations | ||
http://www.rootkit.nl/projects/lynis.html | http://www.rootkit.nl/projects/lynis.html | ||
wapiti | wapiti https://www.ict-romulus.eu/web/wapiti/home | ||
* proxystrike http://www.edge-security.com/proxystrike.php | * proxystrike http://www.edge-security.com/proxystrike.php | ||
* sqlmap | * sqlmap https://sqlmap.sourceforge.net/ | ||
* ratproxy - A passive web application security assessment tool | * ratproxy - A passive web application security assessment tool | ||
* sqlninja | * sqlninja | ||
* fimap A little tool for local and remote file inclusion auditing and exploitation | * fimap A little tool for local and remote file inclusion auditing and exploitation https://code.google.com/p/fimap/ | ||
* burpproxy | * burpproxy | ||
mysqlenum An automatic blind SQL injection tool | mysqlenum An automatic blind SQL injection tool | ||
Line 421: | Line 421: | ||
http://freecode.com/projects/trusion | http://freecode.com/projects/trusion | ||
http://www.parosproxy.org/ | http://www.parosproxy.org/ | ||
BeEF | BeEF https://beefproject.com/ | ||
https://code.google.com/p/zaproxy/ | |||
https://code.google.com/p/webapptools/ | |||
slowhttptest An application Layer DoS attack simulator | slowhttptest An application Layer DoS attack simulator https://code.google.com/p/slowhttptest/ | ||
https://code.google.com/p/ghost-phisher/ | |||
https://code.google.com/p/fern-wifi-cracker/ | |||
https://code.google.com/p/intrinsec-xmlrpc-scanner/ | |||
https://code.google.com/p/gsploit/ | |||
patator A multi-purpose brute-forcer, with a modular design and a flexible usage | patator A multi-purpose brute-forcer, with a modular design and a flexible usage https://code.google.com/p/patator/ | ||
--> | --> | ||
Line 453: | Line 453: | ||
| fping | | fping | ||
| A utility to ping multiple hosts at once | | A utility to ping multiple hosts at once | ||
| | | https://fping.sourceforge.net/ | ||
|- | |- | ||
| mtr | | mtr | ||
Line 493: | Line 493: | ||
| bash-completion | | bash-completion | ||
| Command-line tab-completion for bash | | Command-line tab-completion for bash | ||
| | | https://bash-completion.alioth.debian.org/{{dead link}} | ||
|- | |- | ||
| clamav | | clamav | ||
Line 501: | Line 501: | ||
| p7zip | | p7zip | ||
| A command-line port of the 7zip compression utility | | A command-line port of the 7zip compression utility | ||
| | | https://p7zip.sourceforge.net/ | ||
|- | |- | ||
| nano | | nano | ||
Line 525: | Line 525: | ||
| shed | | shed | ||
| A simple hex editor | | A simple hex editor | ||
| | | https://shed.sourceforge.net/ | ||
|- | |- | ||
| e2fsprogs | | e2fsprogs | ||
| Standard Ext2/3/4 filesystem utilities | | Standard Ext2/3/4 filesystem utilities | ||
| | | https://e2fsprogs.sourceforge.net/ | ||
|- | |- | ||
| openssh | | openssh | ||
Line 549: | Line 549: | ||
| proxychains | | proxychains | ||
| A tool that forces any TCP connection through proxies | | A tool that forces any TCP connection through proxies | ||
| | | https://proxychains.sourceforge.net | ||
|- | |- | ||
| knock | | knock | ||
Line 557: | Line 557: | ||
| logcheck | | logcheck | ||
| A simple utility which is designed to allow a system administrator to view the logfiles | | A simple utility which is designed to allow a system administrator to view the logfiles | ||
| | | https://logcheck.org{ | ||
|- | |- | ||
| mc | | mc | ||
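Review bot: the new logcheck URL in this hunk ends in a stray "{" (https://logcheck.org{), which looks like a {{dead link}} template that was cut short. Either drop the brace or write the full template as the other dead-link rows do.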
Line 565: | Line 565: | ||
| makepasswd | | makepasswd | ||
| Generates (pseudo-)random passwords of a desired length | | Generates (pseudo-)random passwords of a desired length | ||
| | | https://people.defora.org/~khorben/projects/makepasswd/{{dead link}} | ||
|- | |- | ||
| lnav | | lnav | ||
Line 583: | Line 583: | ||
| denyhosts | | denyhosts | ||
| A script to help thwart ssh server attacks | | A script to help thwart ssh server attacks | ||
| | | https://denyhosts.sourceforge.net/ | ||
| fwknop | | fwknop | ||
| A cobination of port knocking and passive OS fingerprinting | | A cobination of port knocking and passive OS fingerprinting | ||
| | | https://www.cipherdyne.org/fwknop/ | ||
chkrootkit | chkrootkit | ||
bonesi | bonesi https://code.google.com/p/bonesi/ | ||
--> | --> | ||
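Review bot: the fwknop description in this hunk still reads "A cobination of port knocking and passive OS fingerprinting" on both sides. Since the URL row directly beneath it is being edited, correct the spelling to "combination" in the same revision.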
Line 603: | Line 603: | ||
| sipp | | sipp | ||
| A test tool / traffic generator for the SIP protocol | | A test tool / traffic generator for the SIP protocol | ||
| | | https://sipp.sourceforge.net/ | ||
|- | |- | ||
| voiphopper | | voiphopper | ||
| A VLAN Hop security test | | A VLAN Hop security test | ||
| | | https://voiphopper.sourceforge.net/ | ||
|- | |- | ||
| sipvicious | | sipvicious | ||
Line 615: | Line 615: | ||
| sipcrack | | sipcrack | ||
| A SIP protocol login cracker | | A SIP protocol login cracker | ||
| | | https://packages.debian.org/sipcrack | ||
|- | |- | ||
| sipsak | | sipsak | ||
| SIP swiss army knife | | SIP swiss army knife | ||
| | | https://sipsak.org/{{dead link}} | ||
|- | |- | ||
| smap | | smap | ||
| A simple scanner for SIP enabled devices | | A simple scanner for SIP enabled devices | ||
| | | https://www.wormulon.net/smap{{dead link}} | ||
|} | |} | ||
Line 630: | Line 630: | ||
| oreka | | oreka | ||
| An audio stream recording and retrieval system | | An audio stream recording and retrieval system | ||
| | | https://oreka.sourceforge.net/ | ||
|- | |- | ||
| sipflanker | | sipflanker | ||
| Finder for vulnerable Web GUIs deployed by IP phones and PBXs | | Finder for vulnerable Web GUIs deployed by IP phones and PBXs | ||
| | | https://code.google.com/p/sipflanker/ | ||
ucsniff A VoIP and IP video security assessment tool | ucsniff A VoIP and IP video security assessment tool https://ucsniff.sourceforge.net/ | ||
videosharf | videosharf | ||
--> | --> | ||
Line 650: | Line 650: | ||
| weplab | | weplab | ||
| Analyzing WEP encryption security on wireless networks | | Analyzing WEP encryption security on wireless networks | ||
| | | https://weplab.sourceforge.net/{{dead link}} | ||
|- | |- | ||
| kismet | | kismet | ||
Line 658: | Line 658: | ||
| cowpatty | | cowpatty | ||
| Attacking WPA/WPA2-PSK exchanges | | Attacking WPA/WPA2-PSK exchanges | ||
| | | https://www.willhackforsushi.com/Cowpatty.html{{dead link}} | ||
|- | |- | ||
| wavemon | | wavemon | ||
Line 670: | Line 670: | ||
| aircrack-ng | | aircrack-ng | ||
| 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker | | 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker | ||
| | | https://www.aircrack-ng.org/ | ||
* pgpry PGP private key recovery | * pgpry PGP private key recovery https://pgpry.sourceforge.net/ | ||
* airsnarf A rogue AP setup utility http://airsnarf.shmoo.com/ | * airsnarf A rogue AP setup utility http://airsnarf.shmoo.com/ | ||
* lorcon http://802.11ninja.net/lorcon/ A library for injecting 802.11 (WLAN) frames | * lorcon http://802.11ninja.net/lorcon/ A library for injecting 802.11 (WLAN) frames | ||
quickset A suite of tools designed to setup the basics for a PenTest | quickset A suite of tools designed to setup the basics for a PenTest https://code.google.com/p/quickset/ | ||
wifite An automated wireless auditor | wifite An automated wireless auditor https://code.google.com/p/wifite/ | ||
reaver Brute force attack against Wifi Protected Setup | reaver Brute force attack against Wifi Protected Setup https://code.google.com/p/reaver-wps/ | ||
--> | --> | ||
Line 690: | Line 690: | ||
| nebula | | nebula | ||
| An Intrusion Signature Generator | | An Intrusion Signature Generator | ||
| | | https://nebula.carnivore.it/{{dead link}} | ||
|- | |- | ||
| snort | | snort | ||
Line 704: | Line 704: | ||
pads| Passive Asset Detection System | pads| Passive Asset Detection System | ||
rkhunter| A host-based tool to scan for rootkits, backdoors and local exploits | rkhunter| A host-based tool to scan for rootkits, backdoors and local exploits | ||
tiger| Security auditing on UNIX systems| | tiger| Security auditing on UNIX systems| https://www.nongnu.org/tiger/ | ||
prelude-lml| The prelude log analyzer | prelude-lml| The prelude log analyzer | ||
prewikka| Graphical front-end analysis console for the Prelude Hybrid IDS * Framework | prewikka| Graphical front-end analysis console for the Prelude Hybrid IDS * Framework | ||
prelude-manager| Prelude-Manager | prelude-manager| Prelude-Manager | ||
nemesis|A TCP/IP packet injection tool| | nemesis|A TCP/IP packet injection tool| https://nemesis.sourceforge.net/ | ||
inundator| An IDS detection false positives generator| | inundator| An IDS detection false positives generator| https://inundator.sourceforge.net/ | ||
--> | --> | ||
<!-- | <!-- | ||
More tools: | More tools: | ||
https://sectools.org/tag/new/ | |||
https://www.voipsa.org/Resources/tools.php | |||
http://securitytube-tools.net/index.php?title=Welcome_to_SecurityTube_Tools | http://securitytube-tools.net/index.php?title=Welcome_to_SecurityTube_Tools | ||
http://www.goitworld.com/top-15-free-sql-injection-scanners/ | http://www.goitworld.com/top-15-free-sql-injection-scanners/ |
Revision as of 10:21, 7 August 2023
This material is obsolete ... This appears to be related to a deprecated script. See notice on Alpine Security and Rescue.
Note: This is work in progress. Not all packages are available at the moment.
Basics
Name | Description | URL |
---|---|---|
alpine-base | Alpine base package | https://pkgs.alpinelinux.org/packages?name=alpine-base |
alpine-mirrors | List of Official Alpine Linux Mirrors | https://mirrors.alpinelinux.org/ |
bkeymaps | Binary keymaps for busybox | https://dev.alpinelinux.org/alpine/bkeymaps[Dead Link] |
network-extras | Meta package to pull in vlan, bonding, bridge and wifi support | https://pkgs.alpinelinux.org/packages?name=network-extras |
openssl | Toolkit for TLS | https://www.openssl.org/ |
tzdata | Timezone data | https://www.iana.org/time-zones |
Code Analysis
Name | Description | URL |
---|---|---|
rpmlint | A tool for checking common errors in RPM packages | https://github.com/rpm-software-management/rpmlint |
pylint | Analyzes Python code looking for bugs and signs of poor quality | https://pypi.org/project/pylint/ |
flawfinder | Examines C/C++ source code for security flaws | https://www.dwheeler.com/flawfinder/ |
rats | A tool to find security related programming errors | https://www.fortify.com/ssa-elements/threat-intelligence/rats.html |
pychecker | An analyser for Python source code | https://pychecker.sourceforge.net/ |
pyflakes | A passive checker of Python programs | https://launchpad.net/pyflakes |
strace | A useful diagnostic, instructional, and debugging tool | https://strace.io/ |
netsink | A Network Sinkhole for Isolated Malware Analysis | https://github.com/shendo/netsink |
Forensics / Data recovery tools
Name | Description | URL |
---|---|---|
dc3dd | Patched version of GNU dd for use in computer forensics | https://sourceforge.net/projects/dc3dd/ |
ddrescue | Data recovery tool for block devices with errors | https://www.gnu.org/s/ddrescue/ddrescue.html |
testdisk | A powerful free data recovery software | https://www.cgsecurity.org/wiki/TestDisk |
scrub | Disk scrubbing program | https://code.google.com/archive/p/diskscrub/ |
ncdu | A curses-based version of the well-known "du" | https://dev.yorhel.nl/ncdu |
htop | An interactive process viewer for Linux | https://htop.dev/ |
mac-robber | A tool that collects data from allocated files in a mounted file system | https://www.sleuthkit.org/mac-robber/desc.php |
wipe | Tool for securely erasing files from magnetic media | https://lambda-diode.com/software/wipe/[Dead Link] |
nwipe | Securely erase disks using a variety of recognized methods | https://github.com/martijnvanbrummelen/nwipe/ |
jhead | An Exif jpeg header manipulation tool | https://www.sentex.net/~mwandel/jhead/ |
Reconnaissance
Name | Description | URL |
---|---|---|
arpalert | Monitor ARP changes in ethernet networks | https://www.arpalert.org/arpalert.html |
arpon | ARP handler inspection | https://arpon.sourceforge.io/ |
dnsenum | A tool to enumerate DNS info about domains | https://github.com/fwaeytens/dnsenum |
halberd | A tool to discover HTTP load balancers | https://github.com/jmbr/halberd |
scanssh | Fast SSH server and open proxy scanner | https://monkey.org/~provos/scanssh/ |
ngrep | Network layer grep tool | https://github.com/jpr5/ngrep/ |
netsniff-ng | A performant Linux network analyzer and networking toolkit | |
scapy | Interactive packet manipulation tool and network scanner | https://scapy.net/ |
socat | Bidirectional data relay between two data channels ('netcat++') | |
tcpdump | A network traffic monitoring tool | https://www.tcpdump.org/ |
tcptrack | Displays information about tcp connections on a network interface | https://www.rhythm.cx/~steve/devel/tcptrack/[Dead Link] |
tcpflow | A tool for monitoring, capturing and storing TCP connections flows | https://github.com/simsong/tcpflow |
tcpproxy | Transparent TCP Proxy | https://www.quietsche-entchen.de/cgi-bin/wiki.cgi/proxies/TcpProxy[Dead Link] |
etherdump | An extremely small packet sniffer | https://freshmeat.sourceforge.net/projects/etherdump/ |
netdiscover | A network address discovering tool | https://sourceforge.net/projects/netdiscover/ |
nmap | A network exploration tool and security/port scanner | https://nmap.org |
arpwatch | An ethernet monitoring program | https://ee.lbl.gov/ |
nfswatch | An NFS traffic monitoring tool | https://nfswatch.sourceforge.net/ |
p0f | Passive traffic fingerprinting tool | https://lcamtuf.coredump.cx/p0f3/ |
hping3 | A ping-like TCP/IP packet assembler/analyzer | |
sslscan | Security assessment tool for SSL | https://sourceforge.net/projects/sslscan/ |
httpry | A packet sniffer designed for HTTP traffic | https://dumpsterventures.com/jason/httpry |
bannergrab | A banner grabbing tool | https://sourceforge.net/projects/bannergrab |
dnstop | A DNS traffic capture utility | |
flunym0us | A vulnerability scanner for WordPress and Moodle | https://code.google.com/archive/p/flunym0us/ |
swaks | A transaction-oriented SMTP test tool | https://www.jetmore.org/john/code/swaks/ |
onesixtyone | An efficient SNMP scanner | |
mitmproxy | An interactive SSL-capable intercepting HTTP proxy | https://www.mitmproxy.org/ |
hexinject | A very versatile packet injector and sniffer | https://hexinject.sourceforge.net/ |
openvas | Vulnerability scanner and manager | https://www.openvas.org/ |
Application Testing
Name | Description | URL |
---|---|---|
wbox | HTTP testing tool and configuration-less HTTP server | |
slowhttptest | An application-layer DoS attack simulator | https://github.com/shekyan/slowhttptest |
nikto | A web application security scanner | https://www.cirt.net/Nikto2 |
Network statistics
Name | Description | URL |
---|---|---|
iperf | Tool to measure IP bandwidth using UDP or TCP | https://github.com/esnet/iperf |
iptraf-ng | A console-based network monitoring utility | https://fedorahosted.org/iptraf-ng/ |
iftop | Command line tool that displays bandwidth usage on an interface | https://www.ex-parrot.com/~pdw/iftop/ |
fping | A utility to ping multiple hosts at once | https://fping.sourceforge.net/ |
mtr | Full screen ncurses traceroute tool | https://www.bitwizard.nl/mtr/ |
speedometer | Measure and display the rate of data across a network connection or data being stored in a file | https://excess.org/speedometer/ |
nfdump | The nfdump tools collect and process netflow data on the command line | https://github.com/phaag/nfdump |
nethogs | Top-like monitor for network traffic | https://raboof.github.io/nethogs/ |
iptstate | Top-like interface to netfilter connection-tracking table | https://www.phildev.net/iptstate/ |
Misc tools
Name | Description | URL |
---|---|---|
bash-completion | Command-line tab-completion for bash | https://bash-completion.alioth.debian.org/[Dead Link] |
clamav | An anti-virus toolkit for UNIX | https://www.clamav.net |
p7zip | A command-line port of the 7zip compression utility | https://p7zip.sourceforge.net/ |
nano | A simple ncurses text editor | https://www.nano-editor.org/ |
rsync | A file transfer program to keep remote files in sync | https://rsync.samba.org/ |
screen | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "tmux" below | https://www.gnu.org/software/screen/ |
tmux | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "screen" above | https://tmux.github.io/ |
multitail | A tool to view one or multiple files | https://www.vanheusden.com/multitail |
shed | A simple hex editor | https://shed.sourceforge.net/ |
e2fsprogs | Standard Ext2/3/4 filesystem utilities | https://e2fsprogs.sourceforge.net/ |
openssh | An open source implementation of SSH protocol versions 1 and 2 | https://www.openssh.com/ |
passwdgen | A random password generator | https://code.google.com/archive/p/passwdgen/ |
partclone | Back up and restore used-blocks of a partition | https://partclone.org/ |
sshguard | Log monitor that blocks with iptables on bad behaviour | https://www.sshguard.net/ |
proxychains | A tool that forces any TCP connection through proxies | https://proxychains.sourceforge.net |
knock | A simple port-knocking daemon | https://www.zeroflux.org/projects/knock |
logcheck | A simple utility which is designed to allow a system administrator to view the logfiles | https://logcheck.org |
mc | A visual file manager | https://www.midnight-commander.org/ |
makepasswd | Generates (pseudo-)random passwords of a desired length | https://people.defora.org/~khorben/projects/makepasswd/[Dead Link] |
lnav | A curses-based tool for viewing and analyzing log files | https://lnav.org |
goaccess | A real-time web log analyzer and interactive viewer | https://goaccess.io/ |
VoIP
Name | Description | URL |
---|---|---|
sipp | A test tool / traffic generator for the SIP protocol | https://sipp.sourceforge.net/ |
voiphopper | A VLAN Hop security test | https://voiphopper.sourceforge.net/ |
sipvicious | Tools for auditing SIP based VoIP systems | https://github.com/EnableSecurity/sipvicious |
sipcrack | A SIP protocol login cracker | https://packages.debian.org/sipcrack |
sipsak | SIP swiss army knife | https://sipsak.org/[Dead Link] |
smap | A simple scanner for SIP enabled devices | https://www.wormulon.net/smap[Dead Link] |
Wireless
Name | Description | URL |
---|---|---|
weplab | Analyzing WEP encryption security on wireless networks | https://weplab.sourceforge.net/[Dead Link] |
kismet | A WLAN detector, sniffer, and IDS | https://www.kismetwireless.org/ |
cowpatty | Attacking WPA/WPA2-PSK exchanges | https://www.willhackforsushi.com/Cowpatty.html[Dead Link] |
wavemon | Ncurses-based monitoring application for wireless network devices | https://github.com/uoaerg/wavemon |
Intrusion detection
Name | Description | URL |
---|---|---|
nebula | An Intrusion Signature Generator | https://nebula.carnivore.it/[Dead Link] |
snort | A network intrusion prevention and detection system | https://www.snort.org/ |